Exploiting the vulnerabilities of Microsoft Office 365, foreign hackers succeeded in breaching the digital security perimeter of the US Treasury Department, gaining entry into the government agency's system.
Hackers allegedly backed by a foreign government that US authorities did not publicly disclose, broke into the computer systems of the US Treasury Department using known vulnerabilities in Microsoft Office 365. Sources within the FBI, the US National Security, and Cybersecurity and Infrastructure Security Agency (CISA), a cybersecurity division of the Department of Homeland Security, revealed that the exploit allowed hackers to monitor internal email traffic of the US Treasury Department, as well as an agency that decides on matters regarding Internet and telecommunications policies.
In a statement, John Ullyot, the spokesperson for the national security council, said the federal government knows about the incident. "The United States government is aware of these reports and we are taking all necessary steps to identify and remedy any possible issues related to this situation," Ullyot said. While authorities did not specifically name the suspected foreign hackers or their alleged sponsor, they mentioned the attackers used vulnerabilities found in Microsoft Office 365 to gain entry into the US Treasury Department's system.
According to a couple of people briefed on the matter, there is great concern among the US intelligence community because of the latest hacking incident on the National Telecommunications and Information Administration (NTIA) of the Commerce Department and the Treasury Department. They said the alleged foreign hackers might use the same tool to hack into other government agencies to view or steal sensitive, confidential materials. The people familiar with the matter did not disclose which other US agencies are at risk.
US Treasury dept has been breached by foreign state backed hackers. Information for deciding policy around the internet and telecommunications was stolen.
Someone should check what Trump knew https://t.co/nfP3bCJASg — Olga Lautman (@OlgaNYC1211) December 13, 2020
Reports say the hacking incident that alleged state-sponsored foreign hackers perpetrated is so serious that the White House convened its National Security Council to discuss the matter. Sources say that the hack involved using vulnerabilities in Microsoft Office 365, the software used at the US Treasury Department and NTIA offices. They also revealed that hackers have been monitoring staff emails for months before authorities discovered the breach.
BREAKING: A foreign government has hacked & exfiltrated info from the the US Treasury Dept & another agency. Major scoop by @Bing_Chris https://t.co/3xmtSXsho6 pic.twitter.com/nsXQtn7ED0 — John Scott-Railton (@jsrailton) December 13, 2020
News outlets sent a request for comment to Microsoft, though its spokesperson has not made a reply yet as of posting. Sources who revealed the news about state-sponsored foreign hackers breaking into the system of the US Treasury Department using Microsoft Office 365 vulnerabilities say mentioned the sophistication of the attack. A person familiar with the incident and spoke on condition of anonymity said the hackers are extremely "highly sophisticated" and knowledgeable enough to trick the authentication controls of the Microsoft platform. "This is a nation-state, we just don't know which one yet," said one person briefed on the attack.
